Federal Watchdog Slams Health Net for ‘Unprecedented’ Refusal to Comply with Vulnerability Testing
Health Net later refused to comply with data requests necessary to perform critical vulnerability and configuration management testing. On Feb. 7, Health Net responded to a formal memo from OIG, indicating that it would not provide the requested documentation, nor would it allow the agency to conduct testing. “Health Net’s refusal to allow this standard audit test work as part of our audit leaves multiple questions about Health Net’s vulnerability and configuration management programs unanswered,” the OIG stated in its report.

Hacking Pacemakers is Good TV, but is it for Real?
“The likelihood of an individual hacker successfully affecting a cardiovascular implantable electronic device or being able to target a specific patient is very low. A more likely scenario is that of a malware or ransomware attack affecting a hospital network and inhibiting communication,” Lakkireddy said in a news release.

Imaging Systems Biggest Security Risk in Healthcare
The report reveals that the most common types of security risks were found to originate from user practice issues such as using embedded browsers on medical workstations to surf the web, conduct online chat or download content, which accounted for 41% of all security issues identified. This was followed by outdated operating systems or software such as the use of legacy Windows versions, obsolete applications and unpatched firmware.

OCR Highlights 8 Tips for Avoiding Healthcare Phishing Attacks
Healthcare phishing attacks are becoming more sophisticated, which is why organizations must remain vigilant in their detection measures, OCR explained in its recent cybersecurity newsletter. Hackers can take advantage of popular holidays to try and take advantage of individuals, and phishing attacks are also common during tax season, the agency stated. Spear phishing can also be especially damaging to healthcare.

Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.

Want more cybersecurity information?

We may also occasionally send you information about Critical Informatics products and solutions; you can unsubscribe at anytime if desired.

Leave this field empty if you're human:

About Critical Informatics

We are world-class information security professionals providing Managed Detection and Response services to help you be secure, compliant, and resilient against threats to the life safety, life-sustaining, and quality-of-life systems and services you provide to clients, customers, constituents, and communities.